3. Travelers want to ensure that everyone traveling on the airplane
is properly vetted and their identity verified.
To mitigate risk, TSA is implementing its Secure Flight program-a
behind-the-scenes watch list matching process that vets passengers
against government watch lists.
Secure Flight makes travel safer by more effectively identifying
individuals that may pose a known or suspected threat to aviation.
When fully implemented, Secure Flight will help prevent the
misidentification of passengers who have names similar to individuals
on government watch lists.
Once fully implemented, the Secure Flight process will provide
passengers a safer, more efficient and consistent travel
experience across all airlines.
Why Identity Matters
4. 4
Mission and Goals
The program’s goals are to:
Identify known and suspected terrorists.
Prevent individuals on the No Fly List from boarding an aircraft.
Subject individuals on the Selectee List to enhanced screening to
determine if they are permitted to board an aircraft.
Facilitate passenger air travel.
Protect individuals’ privacy .
The Mission of the Secure Flight program is to enhance the security of
domestic and international commercial air travel in the United States through
the use of improved watch list matching.
5. Secure Flight Benefits
Enhances the security of commercial air travel.
Raises the baseline standard in terms of the technology and
automation used in watch list matching .
Decreases the chance for compromised watch list data by limiting
distribution .
Expedites law enforcement notification by gaining earlier insight to
potential matches.
Provides fair, equitable, and consistent watch list matching across
all airlines.
Facilitates an expedited and integrated redress process for
misidentification passengers.
Supports the travel industry’s operational needs.
5
6. Secure Flight Program Background
6
The Transportation Security Administration (TSA) is acting upon:
A key recommendation of the 9/11 Commission was to implement
a uniform watch list matching program.
Section 4012 of the Intelligence Reform and Terrorism Prevention
Act (IRTPA) published in December 2004 requires the Department
of Homeland Security (DHS) to assume from aircraft operators the
function of conducting watch list matching of airline passenger
data to Federal Government watch lists for international and
domestic flights.
TSA issued the Secure Flight Final Rule in October 2008 and is currently
implementing the Secure Flight program.
7. 7
Secure Flight Scope
Applies to passengers traveling on covered airline flights:
Into, out of, or within the United States and its territories.
Over the continental United States.
Between two international points conducted by covered U.S.
airlines only.
Also applies to non-traveling individuals seeking authorization to
enter the sterile area of an airport.
At full capacity, Secure Flight will screen more than 2.5 million
passengers daily.
7
9. 9
Program Timeline
October 28, 2008: The Secure Flight Final Rule was published in
the Federal Register, and went into effect on December 29, 2008
January 2009: Secure Flight began implementation with
volunteer airlines
May 15, 2009: Domestic airlines are required to request full
name
August 15, 2009: Domestic airlines are required to request Secure
Flight Passenger Data (SFPD) : full name, gender, date of birth,
and redress number (if available)
October 31, 2009: All airlines are required to request full SFPD
Deployments for domestic airlines will occur through March 2010
Deployments for foreign airlines will begin at the end of 2009 and
continue through 2010
10. TSA will measure airline compliance against requirements identified
in the Secure Flight Final Rule and in the covered airline’s security
programs.
TSA issued an Aircraft Operator Implementation Plan and follow up
notification letters to communicate airline compliance details and
deadlines.
Secure Flight Passenger Data (SFPD) must be provided regardless of
booking source (direct sale, online, third party agent, etc).
Exception: TSA realizes that reservations made prior to the
compliance dates (8/15 and 10/31) that don’t have full SFPD will
need to phase out of the system.
Airline Compliance
11. Airlines are Required to:
Collect full name, date of birth, and gender (Secure Flight Passenger Data or SFPD)
on ticketed reservations for passengers flying domestically on/after August 15,
2009 and from passengers flying internationally on/after October 31, 2009.
Modify IT systems: Secure Flight’s implementation is a phased in process for both
TSA and the airlines. TSA has assigned unique compliance cutover dates to each
airline in its Aircraft Operator Implementation Plan.
Make a privacy notice available on public websites and self-serve kiosks before
collecting personally identifiable information.
Request a verifying identity document from passengers under certain
circumstances.
Contact Secure Flight Service Center when passenger resolution is required.
Airline Compliance Factors
12. Airline Compliance – cont’d
Airlines are also responsible for:
– Communicating system changes and requirements to GDS and reservation
partners.
– Communicating Secure Flight requirements to frequent flyers and passengers.
13. 13
Travel Agency Impact
Third party travel agencies (through aircraft operators) are
regulated to provide Secure Flight data
It is the airlines’s responsibility to require third parties to collect/send
Secure Flight Passenger Data.
Airlines in conjunction with the GDS’s have provided the third party
travel agencies the system requirements guidance for collection of
this data.
TSA expects airlines will work with the third parties to collect the
required data as quickly as possible and expects to see a steady
month-by-month increase in full SFPD submission rates throughout
2009 and into 2010 when all reservations should contain full SFPD.
14. 14
Traveler Impact
Aircraft operators/travel agencies began requesting Secure Flight
data on/about August 15, 2009.
Reservations made prior to August 15, 2009 for travel after that
date may not include full Secure Flight Passenger Data which, will
be accepted by TSA through early 2010.
TSA may not be able to clear as many reservations without full
Secure Flight Passenger data.
Passengers that are inhibited as a result may be required to supply
a Verified Identity Document to the aircraft operator prior to the
issuance of a boarding pass.
TSA has built flexibility into the system for small differences
between the passenger’s ID and the passenger’s reservation
information to accommodate travel after August 15, 2009.
15. 15
Ensuring Privacy
TSA has developed a comprehensive privacy
plan to incorporate privacy laws and
practices into all areas of Secure Flight.
TSA will collect the minimum amount of
personal information necessary to conduct
effective watch list matching.
The only required data elements will be full
name, DOB, gender, and itinerary.
TSA will retain personal information for the
minimum amount of time necessary.
TSA issued a Privacy Impact Assessment
(PIA) and System of Records Notice (SORN)
to provide detailed information about the
program's privacy approach in conjunction
with its Final Rule.
15
Secure Flight privacy approach is rooted
in Fair Information Practices
Foundational
Privacy Principles
Privacy Risk
Management
Redress &
Response
Monitoring &
Compliance
Awareness &
Training
Systems
Development
& Security
Policy
Organization
Foundational
Privacy Principles
Privacy Risk
Management
Redress &
Response
Monitoring &
Compliance
Awareness &
Training
Systems
Development
& Security
Policy
Organization
16. 16
Public Awareness Campaign
TSA partnered with airlines and the Ad Council to
educate travelers about Secure Flight.
Example communication materials available for
reproduction on tsa.gov/SecureFlight include:
Brochures for travel agencies and airlines.
Articles for in-flight magazines
Web site banners
Messages
Soft description of date of birth/gender
collection
Secure Flight is a behind-the-scenes watch
list matching process that vets passengers
against government watch lists.
Secure Flight helps prevent misidentification
of passengers who have names similar to
individuals on government watch lists.